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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )IS Responsive to communication(s) filed on 12 August 2004 . 
2a)E3 This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 
Disposition of Claims 

4) I3 Claim(s) 1-49 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5M Claim(s) 15-24.36-43 and 49 is/are allowed. 

6) [3 Claim(s) 1. 2.4-6.8.1 0.1 1.1 3.1 4.25-29. 31. 32.34.35.44 A5A7 .48 is/are rejected. 

7) (3 Claim(s) 3.9. 12.30.33 and 46 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 22 June 1999 is/are: a)H accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

1 1) D The proposed drawing correction filed on is: a)D approved b)D disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) D The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§ 119 and 120 

13) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a)dAII b)Q Some*c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received, 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 . 

Attachment(s) 

1 ) D Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-41 3) Paper No(s). . 

2) CH Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) O Notice of Informal Patent Application (PTO-1 52) 

3) O Information Disclosure Statement(s) (PTO-1 449) Paper No(s) . 6) O Other: 
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DETAILED ACTION 
Response to Arguments 

1. Applicant's arguments filed 12 August 2004 have been fully considered but they are not 
persuasive. Applicant's argument that The Open Group reference does not disclose having a non- 
specified number security keys is not persuasive because The Open Group discloses that system 
contains authentication information for multiple systems (Pages 1-2), wherein the authentication 
information includes encryption keys (Page 114). 

2. Applicant's argument that The Open Group reference does not disclose generation of at 
least one new security key for the subscriber based on received key attribute data is not 
persuasive because The Open Group discloses on page 10 under the heading "The XSSO 
services invoked by the Primary Sign-on Application are responsible for:" discloses that 
information acquired from the user is used to generate authentication information for the primary 
sign-on and any subsequent secondary sign-ons, wherein the authentication information includes 
encryption keys (Page 114). 

Claim Rejections - 35 USC §102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

4. Claims 1, 2, 4-8, 10, 1 1, 13, 25-29, 32, 34, 35, 44, 45, 47, 48 are rejected under 35 
U.S.C. 102(b) as being anticipated by The Open Group, "X/Open Single Sign-On Service 
(XSSO) - Plugged Authentication Modules". Referring to claims 1, 2, 4, 7, 8, 1 1, 13, 25, 26, 29, 
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32, 34, 44, 45, 47, Open Group discloses a single sign-on service wherein an end user need only 
sign-on once in order to access multiple domains (Page 3). The user provides at log-on any and 
all information necessary to provide a user session on the workstation. The XSSO sign-on 
service provides an authentication mechanism for multiple components for implementing user 
authentication and session establishment whilst maintaining a common interface for the calling 
application, which meets the limitation of providing a configurable security key manifest 
operative to contain a non-prespecified number of security keys. The XSSO sign-on service has a 
service cache the provides storage for sign-on information obtained or derived as a part of the 
primary sign-on operation from which it can be retrieved for use in subsequent secondary sign- 
on operation during the current user session (Page 10), which meets the limitation of accepting 
new key attribute data to produce a configured security key manifest and generation of at least 
one new security key for the subscriber based on received key attribute data contained in the 
configured security key manifest. Pages 14-17 and 38 further outline the authentication 
procedures of the single sign-on method illustrating the authentication of an old authentication 
token and the generation of new authentication tokens. Pages 110 and 1 14 disclose that the 
authentication token can be cryptographic keys in symmetric or asymmetric form, which meets 
the limitation of generating a new public key pair for the subscriber based on content of the 
configurable security key manifest. 

Referring to claims 5, 6, 10, 27, 28, 35, 48, Open Group discloses that the XSSO sign-on 
support services caches the user authentication information (Pages 10-11), which meets the 
limitation of the configured security key manifest including subscriber data and authentication 
data. The information retrieved or derived during the primary sign-on operation may be cached 
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(Page 20), which meets the limitation of preexisting credential set. In order for the user to 
authenticate with a secondary domain, a secondary sign-on operation is run that retrieves the 
information cached during the primary sign-on operation and is used to create secondary 
authentication information (Pages 20, 70, 72, 77, 83), which meets the limitation of comparing 
the updated security key manifest to the preexisting credential set containing at least one 
preexisting cryptographic security key and updating the preexisting credential set based on the 
comparison. 

Allowable Subject Matter 

5. Claims 15-24, 36-43, and 49 are allowed. 

6. Claims 3, 9, 12, 30, 33, 46 are objected to as being dependent upon a rejected base claim, 
but would be allowable if rewritten in independent form including all of the limitations of the 
base claim and any intervening claims. 

7. The following is a statement of reasons for the indication of allowable subject matter: 
The prior art does not disclose a security key manifest as described in the present application that 
can receive new key attribute data through a configurable security key manifest template, or that 
the configured security key manifest is digitally signed. 

Conclusion 

8. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
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the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Benjamin E Lanier whose telephone number is 571-272-3805. 
The examiner can normally be reached on M-ThO 7: 30am- 5: 00pm, F 7:30am-4pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 




Benjamin E. Lanier 




GILBERTO BARRON 37** 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



